$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft File: XnKqfVsdVjLl0z_scvp0M_Sc4po.mft (raw, json) Hash identifier: u0Y/77pvjn+I0RyeHPQKaD7uezXNy4qVjQqL6D5KwDo= Subject key identifier: B1:3A:F5:9F:C4:07:6D:73:C3:B5:EE:CB:90:9E:9D:B3:A7:16:5D:88 Authority key identifier: 5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A Certificate issuer: /CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Certificate serial: 01A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft Manifest number: 017F Signing time: Sat 23 Aug 2025 04:07:35 +0000 Manifest this update: Sat 23 Aug 2025 04:07:35 +0000 Manifest next update: Sat 30 Aug 2025 04:07:35 +0000 Files and hashes: 1: XnKqfVsdVjLl0z_scvp0M_Sc4po.crl (hash: SaFXlb/n65FRReWqUJLfnMLcNVNXtppaVp1tdMm1W90=) 2: 36C31E00637111EEA51CA05EC4F9AE02.roa (hash: lY96nEi5CKYTXJTj1z2X+4msAEH0lgBh87K7FsjTVZ8=) 3: 00E626A4A57611EF98285E5FC4F9AE02.roa (hash: 08NPSGEr7+x4MzDThoj8ZzRXxZk450XlydgirrF3WE4=) 4: 98BE8828663D11EE8CBBAE7CC4F9AE02.roa (hash: OnFM4tWhowHbvjU4usSptKOpZeLKLT7QxFEJy+UEpYk=) 5: 99341DD6663D11EE8CBBAE7CC4F9AE02.roa (hash: NzwtW94OGR5LBUfhUFwuihytDl5251IuikJ6D/DeFPA=) 6: 678C24C0663F11EEBD955D43C4F9AE02.roa (hash: Rlo1FH4ToBEybkPEC2r5mS4GIe86F2K5uAovVfJDrI8=) 7: 9830B6D8663D11EE8CBBAE7CC4F9AE02.roa (hash: RmkIIPTPM365rnHi3iyE65DKC/DdOKV16KKoUBGaAYI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:07:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 420 (0x1a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9E82, serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Validity Not Before: Aug 23 04:07:35 2025 GMT Not After : Aug 30 04:07:35 2025 GMT Subject: CN=68a93e87-f455 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:41:44:a3:1d:ca:79:74:01:9d:95:2a:fa:bd: 10:08:23:e5:9b:58:47:fc:8e:f4:2c:79:0e:4f:a8: 7b:0c:14:35:ab:a7:d4:3e:a2:f9:a5:73:ab:fe:0e: cd:64:55:64:88:b0:bf:4a:b5:00:d4:12:ca:fb:9c: f8:74:6f:b3:a9:5a:96:f1:ef:6c:b9:82:12:c0:dc: 48:b7:0f:c8:6a:2c:b3:86:55:a1:a2:a2:b0:1a:4c: 7b:ce:37:ea:11:be:1c:f9:4a:c1:89:c1:ba:3b:dc: 12:a9:5b:b9:cb:fa:2d:79:e1:a8:bb:c4:f0:4c:17: 89:80:a1:af:83:2b:46:79:1d:8e:0b:3e:4c:85:38: 51:6c:28:d6:18:71:1b:8d:d4:9b:34:b2:77:7c:d4: f7:99:9e:76:8a:7b:81:3c:2c:64:2b:40:b3:21:af: 4c:e4:1f:5e:12:5a:8c:db:c4:03:e9:a6:14:8c:45: 55:ed:e0:96:7a:02:3f:ad:a2:e9:e2:d0:8c:e1:cc: 5d:e6:6e:8d:47:a4:a6:ff:0f:f8:f0:0a:ac:ba:83: 19:bd:98:20:c3:53:2a:6a:55:f1:d3:4f:f6:79:bd: ec:77:fc:73:84:f9:3e:ad:b1:d2:71:20:74:e4:9b: 12:95:a3:91:d6:8e:63:0e:01:f9:18:45:bf:65:27: fb:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:3A:F5:9F:C4:07:6D:73:C3:B5:EE:CB:90:9E:9D:B3:A7:16:5D:88 X509v3 Authority Key Identifier: keyid:5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:ee:6a:85:87:76:f0:3a:cc:20:4f:de:69:9b:97:fc:09:51: 7d:c6:1a:af:4c:83:58:88:23:94:73:a2:11:20:40:9d:22:b9: d8:82:b9:6f:42:3a:ab:b9:ef:a3:ef:22:a5:db:a3:2e:ed:a0: 8c:ef:48:7a:7d:33:93:d3:56:3d:1b:af:87:f3:71:7a:34:98: 37:13:1b:83:6f:0b:fc:38:59:46:ce:e5:3f:d0:e4:22:fd:f5: 6d:96:b8:25:f5:04:75:d4:fc:23:ce:84:bb:c9:23:0d:2e:96: 59:a9:f6:21:ea:1a:25:ce:b3:ff:7f:8a:a0:38:08:c2:fd:40: 88:7b:43:79:7c:59:44:c2:df:d1:80:18:b3:18:1f:19:97:b6: b3:05:0d:96:df:38:6a:6e:31:12:11:82:18:56:46:47:0b:44: 5e:21:37:f7:2d:25:81:38:2b:89:92:cb:93:c2:90:ce:b3:57: 85:5b:c5:0f:b6:d2:d8:d1:9a:e3:6b:a5:0e:90:10:29:8b:69: bb:ad:be:6f:07:c4:67:8c:f5:6f:82:67:3e:86:ed:61:d9:4c: 8a:b9:1f:4b:20:41:75:b9:b3:34:e4:1f:17:d2:e0:2a:67:b6: 5b:54:48:b9:8c:f7:bc:f9:bb:fb:0f:4f:02:bd:c4:1b:50:8d: 69:32:9b:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlFODIxMTAvBgNVBAUTKDVFNzJBQTdENUIxRDU2MzJFNUQzM0ZFQzcyRkE3NDMz RjQ5Q0UyOUEwHhcNMjUwODIzMDQwNzM1WhcNMjUwODMwMDQwNzM1WjAYMRYwFAYD VQQDEw02OGE5M2U4Ny1mNDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA50FEox3KeXQBnZUq+r0QCCPlm1hH/I70LHkOT6h7DBQ1q6fUPqL5pXOr/g7N ZFVkiLC/SrUA1BLK+5z4dG+zqVqW8e9suYISwNxItw/IaiyzhlWhoqKwGkx7zjfq Eb4c+UrBicG6O9wSqVu5y/oteeGou8TwTBeJgKGvgytGeR2OCz5MhThRbCjWGHEb jdSbNLJ3fNT3mZ52inuBPCxkK0CzIa9M5B9eElqM28QD6aYUjEVV7eCWegI/raLp 4tCM4cxd5m6NR6Sm/w/48AqsuoMZvZggw1MqalXx00/2eb3sd/xzhPk+rbHScSB0 5JsSlaOR1o5jDgH5GEW/ZSf7pQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLE69Z/E B21zw7Xuy5CenbOnFl2IMB8GA1UdIwQYMBaAFF5yqn1bHVYy5dM/7HL6dDP0nOKa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUU4Mi9FQTdFNUZBNjYz NkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZqTGwwel9zY3ZwME1fU2M0 cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1huS3FmVnNkVmpMbDB6X3NjdnAwTV9TYzRwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUU4Mi9FQTdFNUZBNjYzNkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZq TGwwel9zY3ZwME1fU2M0cG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBm7mqFh3bwOswgT95pm5f8CVF9xhqvTINYiCOUc6IRIECdIrnYgrlv Qjqrue+j7yKl26Mu7aCM70h6fTOT01Y9G6+H83F6NJg3ExuDbwv8OFlGzuU/0OQi /fVtlrgl9QR11PwjzoS7ySMNLpZZqfYh6holzrP/f4qgOAjC/UCIe0N5fFlEwt/R gBizGB8Zl7azBQ2W3zhqbjESEYIYVkZHC0ReITf3LSWBOCuJksuTwpDOs1eFW8UP ttLY0Zrja6UOkBApi2m7rb5vB8RnjPVvgmc+hu1h2UyKuR9LIEF1ubM05B8X0uAq Z7ZbVEi5jPe8+bv7D08CvcQbUI1pMptx -----END CERTIFICATE-----Generated at Sat Aug 23 15:44:46 2025 by rpki-client